Director of Application Security

About AlphaSense: 

The world’s most sophisticated companies rely on AlphaSense to remove uncertainty from decision-making. With market intelligence and search built on proven AI, AlphaSense delivers insights that matter from content you can trust. Our universe of public and private content includes equity research, company filings, event transcripts, expert calls, news, trade journals, and clients’ own research content.

The acquisition of Tegus by AlphaSense in 2024 advances our shared mission to empower professionals to make smarter decisions through AI-driven market intelligence. Together, AlphaSense and Tegus will accelerate growth, innovation, and content expansion, with complementary product and content capabilities that enable users to unearth even more comprehensive insights from thousands of content sets. Our platform is trusted by over 6,000 enterprise customers, including a majority of the S&P 500. Founded in 2011, AlphaSense is headquartered in New York City with more than 2,000 employees across the globe and offices in the U.S., U.K., Finland, India, Singapore, Canada, and Ireland. Come join us!

Location: Remote within USA

About the Role

As the Director of Application Security, you will lead and scale AlphaSense's Application Security function, reporting to the VP of Product Security. You will build and manage a high-performing team responsible for securing our cloud-based SaaS products across the entire software development lifecycle. In this role, you'll establish strategic security initiatives, drive organizational change, and partner closely with engineering, product, and compliance teams to embed security as an enabler of innovation rather than a blocker.



You'll balance hands-on technical leadership with people management, mentoring engineers while shaping the vision and roadmap for application security in a fast-growing, AI-driven technology company. This role requires someone who can translate complex security challenges into business outcomes and foster a culture of security excellence across distributed global teams.

Key Responsibilities

• Build, mentor, and manage a globally distributed team of application security engineers, establishing career development paths and fostering a collaborative security culture
• Develop and execute the application security strategy, defining metrics and KPIs while partnering with leadership to communicate security posture to executives
• Oversee application security initiatives across all products, including secure SDLC practices, vulnerability management, threat modeling, architecture reviews, and bug bounty programs
• Define tooling strategy for Application Security, driving automation to achieve high remediation coverage while maintaining development velocity
• Partner with engineering, product, compliance, and other security teams to embed security throughout the organization, delivering training and acting as a trusted advisor on security architecture

Required Qualifications

• 10+ years of experience in Application or Product Security, with at least 3+ years in a management or leadership role
• Proven track record of building and scaling security teams in SaaS or cloud-native environments
• Deep expertise in web application security, API security, microservices, and containerized architectures
• Strong understanding of modern development practices, including CI/CD, DevSecOps, and agile methodologies
• Experience implementing and managing security tooling across the SDLC (SAST, DAST, SCA, container scanning)
• Demonstrated ability to work effectively with distributed global teams across multiple time zones
• Excellent communication and stakeholder management skills, with the  ability to present to executive audiences
• Strong technical background with hands-on experience in at least one major programming language (Python, Java, Go, JavaScript)
• Knowledge of cloud security best practices, particularly AWS, Kubernetes, and container orchestration

Nice to Have

• Experience in data analytics, AI/ML, or LLM product security
• Background implementing runtime application security or supply chain security controls
• Track record of driving security automation initiatives that improve both security posture and developer experience
• Experience with security frameworks (OWASP SAMM, BSIMM, NIST CSF)
• Certifications such as CISSP, OSCP, OSWE, CSSLP, AWS Security Specialty, or CCSP
• Prior experience managing security in highly regulated industries or with enterprise customers
  
  Why Join Us?
• Work on cutting-edge security challenges in a fast-growing company.
• Opportunity to shape and drive product security strategy.
• Collaborative and security-minded engineering culture.
• Competitive compensation, benefits, and career growth opportunities.

If you're a hands-on security leader passionate about building secure products, we’d love to hear from you!

AlphaSense is an equal-opportunity employer. We are committed to a work environment that supports, inspires, and respects all individuals. All employees share in the responsibility for fulfilling AlphaSense’s commitment to equal employment opportunity. AlphaSense does not discriminate against any employee or applicant on the basis of race, color, sex (including pregnancy), national origin, age, religion, marital status, sexual orientation, gender identity, gender expression, military or veteran status, disability, or any other non-merit factor. This policy applies to every aspect of employment at AlphaSense, including recruitment, hiring, training, advancement, and termination.

In addition, it is the policy of AlphaSense to provide reasonable accommodation to qualified employees who have protected disabilities to the extent required by applicable laws, regulations, and ordinances where a particular employee works.

Recruiting Scams and Fraud

We at AlphaSense have been made aware of fraudulent job postings and individuals impersonating AlphaSense recruiters. These scams may involve fake job offers, requests for sensitive personal information, or demands for payment. Please note:

• AlphaSense never asks candidates to pay for job applications, equipment, or training.
• All official communications will come from an @alpha-sense.com email address.
• If you’re unsure about a job posting or recruiter, verify it on our Careers page.

If you believe you’ve been targeted by a scam or have any doubts regarding the authenticity of any job listing purportedly from or on behalf of AlphaSense please contact us. Your security and trust matter to us.